The Internet of Vehicles is developing by leaps and bounds, but the security problem is still the biggest difficulty.

According to the latest research data, cumulative automobile sales in China are estimated to reach 26.19 million by the end of 2016. By then, the number of cars will reach an astonishing 193 million, the highest car ownership figure China has recorded. With the gradual saturation of the domestic automobile market and the maturity of traditional car-making technology, the entire automobile industry is bound to undergo an upgrade and transformation, and the rapidly developing Internet of Vehicles is one of the breakthroughs in the automobile industry that people in China now highly anticipate.

The Internet of Vehicles, specifically, refers to a large-scale network in which vehicles carry out wireless communication and information exchange over V2V, V2R, V2H and V2I links, according to agreed communication protocols and data interaction standards, using electronic components integrated in the automobile such as GPS positioning, RFID (radio frequency identification), sensors, cameras and image processing. It is an integrated network that can realize intelligent traffic management, intelligent dynamic information services and intelligent vehicle control.

Many people understand car networking as simply connecting a car to the network, but it is actually an interconnected system on every car, and its mechanism is similar to the relationship between mobile phones and mobile phone systems. Once the information platform is built, the Internet of Vehicles can integrate ITS, logistics, passenger and freight transportation, dangerous vehicles, auto repair and auto parts, car rental, vehicle management of enterprises and institutions, automobile manufacturers, 4S shops, vehicle management, insurance, emergency rescue, mobile Internet and other ecological chains.

In the current promotion of domestic car networking products, almost all of them are large touch screens based on the Android system. If you think about the actual functions of these products, a smartphone can deliver all of them. On the other side of the ocean, car networking in the United States is fundamentally different from smartphones. It shares the information of all participants in traffic, thus making the whole transportation system smarter and more efficient, and greatly reducing accidents and congestion.

Put plainly, the functions that the Internet of Vehicles should realize are these: when reversing, the system warns whether a vehicle is passing behind; when passing an intersection without a signal light, the system warns whether there is a car in the blind spot; once vehicle networking is combined with autonomous driving, vehicles can obtain the speed, direction and location of all traffic participants through the network, as well as the information of traffic lights and signs. Under the automatic planning of the system, traffic congestion will also be greatly reduced.

It is not what most people take it to be: chatting on WeChat, ordering a takeaway, browsing web pages and finding a parking lot through the car platform.

The reason for this phenomenon is not hard to find. At this stage, domestic car networking is almost entirely dominated by Internet companies, and Internet companies have not yet shaken off their habit of grabbing Internet portal resources. As a result, domestic car networking is still at the stage of connecting vehicles to the network, and has not really realized the interconnection of vehicles.

From the perspective of the entire car networking industry chain, it is divided into four main sections: terminal, pipe (the communication channel), cloud and big data.

The terminal is the intelligent display side of V2X interaction. It is responsible for collecting and obtaining vehicle information and sensing the driving state and environment. Derivatives include smartphones, car navigation units, car central control screens and so on.

The pipe is the channel through which vehicle behavior and other conditions are transmitted as data to the cloud platform. It solves the interconnection between vehicles (V2V), between vehicles and infrastructure (V2I) and between vehicles and the cloud (V2C), and is mainly carried by network operators. Derivatives include network communication sources and mobile data signals.

The cloud provides cloud services for vehicle scheduling, monitoring, management and data aggregation through the cloud platform.

The big data platform integrates, computes and applies data to connect the cloud platform with 4S stores, automakers, insurance companies and Internet companies, and provides them with data-based user portraits, marketing strategies and other support services.

In realizing V2X, however, the pipe plays the key role. At this stage, whether it is the factory-installed (front-loading) networking products of traditional car companies or the aftermarket (after-loading) smart car networking products of various Internet companies, they are basically still being built behind closed doors, and the ecosystem is relatively closed. There may be some interconnection among a vendor's own products, but cross-brand interconnection has not been achieved.

Of course, V2X cannot be achieved by one or two enterprises. First of all, we lack a mandatory and effective platform and standard, without which there is no way forward. Secondly, the domestic road traffic situation has always been quite complicated, and drivers' driving habits differ. Even the supporting traffic facilities need to be improved, so it is easy to imagine the difficulty of connecting this infrastructure to the Internet. Further, the Internet of Vehicles also relies heavily on high-precision maps and road information to judge the lane and locate the vehicle accurately, but at present, domestic high-precision maps have not been truly commercialized.

Regarding the current situation of car networking in China, Wang Qiang, CEO of Feichi Magnesium, thinks that car networking is not simply equivalent to car + Internet, and it is not just connecting the car directly to the mobile phone and pad, or transplanting mobile phone applications to the big screen in the car. Real car networking in the factory-installed (front-loading) sense should be "car + car networking", in which the car networking is a relatively closed technical system as opposed to the public mobile Internet. Because a car is by nature a safe, high-speed vehicle, the most basic thing is safety, not functional richness.

Therefore, if you want to connect vehicles, both safety and intelligence are indispensable, which is the first difference in concept. Many people think that the Internet of Vehicles is the central control screen, but in fact the car is only one part. Mobile phones and wearable devices should also be able to access related services on the cloud, which displays different services according to the characteristics of each screen, all uniformly provided by the cloud.

Therefore, the root cause of domestic car networking not realizing V2X lies in the lack of relevant industry standards. However, at the 3GPP meeting in September this year, the formulation of the LTE-V2V standard was formally completed, and it is expected that the formulation of other standards such as V2X will be completed in March 2017. China joined the 3GPP as early as 1999, so the related car networking standards may also be applicable in China, and the real car networking era may break out next year.

As the application scope of the Internet of Vehicles keeps expanding, security attacks will increase accordingly. There have already been many incidents and attacks involving the Internet of Vehicles, such as:

The Fiat Chrysler recall in the United States. Hackers used the internet to break into the "Uconnect" system of a moving Jeep Cherokee and remotely control the car's acceleration and braking systems, radio and wipers.

The BMW ConnectedDrive digital service system was compromised, and hackers could use the vulnerability to get into the vehicle remotely and wirelessly and open the door.

The Tesla Model S was compromised: network security experts opened the door and drove away by exploiting vulnerabilities in the Model S. They could also send a "suicide" command to the Model S and suddenly shut down the engine system while the vehicle was driving normally.

In addition, the Megamos Crypto protection system used by Volkswagen brands such as Audi, Porsche, Bentley and Lamborghini has also been breached.

The general network architecture of the Internet of Vehicles is built around the TSP backend. Vehicles connect to it through the in-car unit or T-box, the App on smart devices interacts with it through Wi-Fi or other communication networks, and third-party content and service providers also need to connect to it. In addition, the TSP may be connected to some other systems within the car company. To sum up, the parts of a car networking system that are exposed to attack are as follows:

1. Car end: infotainment system, T-box, internal CAN network and external keys.

2. Apps on mobile phones and watches.

3. OBD equipment connected to the CAN network.

4. The cloud server where the TSP backend is located.

5. The communication process, including communication from the car and T-box to the backend, communication from the App to the backend, etc.

Next, we will start from the perspective of multiple market segments in the field of car networking to see how they ensure the security of the car networking network.

  • Aftermarket networking equipment needs to be isolated from the vehicle's underlying layer.

At present, the smart rearview mirror is the most common aftermarket smart car networking product in the automobile market. Smart rearview mirror products in China, such as those of Jidou Car Networking Company, connect the device to the vehicle's CAN network to monitor vehicle data. So how can the security of such a connection be guaranteed? Wang Yifei, CEO of Jidou Car Network, said that their products isolate the vehicle's underlying layer and add a hardware firewall to ensure the safety of the car. In case of hacker intrusion, the hacker can't obtain the underlying information of the vehicle, so he can't control the vehicle, and the relevant vehicle data can't be obtained or tampered with. At the software and cloud level, Jidou has also done a lot of security work, thus forming a set of all-round protection.

However, most of these aftermarket networking devices connect through the OBD interface, and a hacker who wants to attack needs the OBD device to be in the car and needs to be not far from the car, so it is unlikely that hackers will attack.

  • Operators of factory-installed (front-loading) networking equipment and networking platforms adopt terminal hardware protection and cloud key applications.

Cai Dong, the executive vice president of Feichi Magnesium, summed up the above-mentioned vulnerable points as the three core points of the Internet of Vehicles: the vehicle terminal, the server side and the mobile terminal. Their security solutions are mainly concentrated on these three key points. In the vehicle terminal, an embedded security chip is used to manage keys and perform encryption operations. At present, the T-BOX product ConnectedEngine adopts this technology; its security level has been recognized by the automobile factory, and it has entered the factory's pre-assembly sequence. On the server side, the security products and policies provided by the cloud service provider are configured, and the self-developed key application SDK is loaded, which is responsible for encrypting data exchanged with the vehicle-mounted terminal and the mobile terminal.

In the mobile terminal App, the key code is dynamically encrypted and protected against tampering, and the mobile device, user account, information and mobile phone number are bound together by digital certificate technology to ensure that the mobile terminal is legitimate and reliable. In the cryptographic application, a combination of symmetric encryption and decryption, asymmetric encryption and decryption and hash algorithms is adopted to ensure the security and integrity of data communication while minimizing the impact on performance.

  • Communication service providers adopt a hierarchical security architecture to ensure the security isolation of equipment.

As the world's top communication service provider, Huawei is also involved in the field of vehicle networking communication, and Huawei's Kald Lab is an organization specializing in vehicle networking security architecture. Dr. Li Tieyan from Huawei's Kald Lab, when presenting the security architecture of vehicle networking, said: "In order to deal with all kinds of security threats inside and outside the vehicle, a new hierarchical security architecture is needed to ensure the safe isolation of vehicle-vehicle heterogeneous networks. The outermost defense line reduces all kinds of network attacks from the outside by strengthening the authentication technology between the vehicle and the outside world (V2X); the second line of defense can adopt firewall and intelligent detection technology to realize the security isolation, access control and anomaly detection between the entertainment and navigation systems in the car and the internal network of the car.

The existing vehicle architecture lacks the necessary security mechanism, which can't avoid the hacker's infiltration attack from the outside to the inside. It is necessary to rebuild the hierarchical linkage security architecture to realize the layer-by-layer protection of the safety-sensitive CAN (Controller Area Network) network segment and key ECU (Electronic Control Unit) components."
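The second line of defense described above can be sketched as a gateway policy between the infotainment/OBD segment and the internal CAN network. This is an added example, not code from Huawei or any vendor named here; it combines a default-deny ID allowlist (access control) with a per-ID rate check (anomaly detection), and the CAN IDs, limits and sample frames are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    max_len: int      # longest payload (bytes) accepted for this CAN ID
    max_per_sec: int  # frames allowed per one-second window

# Constructed policy: the only IDs allowed to cross from the infotainment/OBD
# segment to the internal CAN segment. IDs and limits are hypothetical.
ALLOW = {
    0x3A0: Rule(max_len=2, max_per_sec=5),
    0x3B1: Rule(max_len=8, max_per_sec=10),
}

class Gateway:
    def __init__(self, policy):
        self.policy = policy
        self.window = {}   # can_id -> (window start second, frames seen)
        self.alerts = []   # (timestamp, can_id, reason) for every dropped frame

    def check(self, ts, can_id, data):
        """Return True to forward the frame, False to drop and log it."""
        rule = self.policy.get(can_id)
        if rule is None:                       # access control: default deny
            return self._drop(ts, can_id, "id-not-allowed")
        if len(data) > rule.max_len:           # malformed for this ID
            return self._drop(ts, can_id, "payload-too-long")
        start, count = self.window.get(can_id, (int(ts), 0))
        if int(ts) != start:                   # new one-second window
            start, count = int(ts), 0
        count += 1
        self.window[can_id] = (start, count)
        if count > rule.max_per_sec:           # anomaly: burst above baseline
            return self._drop(ts, can_id, "rate-exceeded")
        return True

    def _drop(self, ts, can_id, reason):
        self.alerts.append((ts, hex(can_id), reason))
        return False

def run(frames, policy=ALLOW):
    gw = Gateway(policy)
    return [gw.check(*f) for f in frames], gw.alerts

# Constructed sample traffic: (timestamp in seconds, CAN ID, payload)
SAMPLE = [
    (0.10, 0x3A0, b"\x16\x00"),       # allowed
    (0.20, 0x0C1, b"\x00" * 8),       # ID not on the allowlist
    (0.30, 0x3A0, b"\x16\x00\x00"),   # payload longer than the rule permits
] + [(1.0 + i * 0.01, 0x3A0, b"\x16\x00") for i in range(7)]  # 7 frames in 1 s
```

Calling `run(SAMPLE)` returns the forward/drop verdict for each frame together with the alert log a monitoring component would consume.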

As key technologies supporting the hierarchical car networking security architecture, Kald Lab also shared its latest research results:

1. The CAN Bus message authentication scheme based on the international security standard ISO/IEC 9798-2 is simple and efficient, and can be integrated without adding new hardware.

2. A new anonymous authentication mechanism called Extended Dynamic Accumulator is proposed, which can ensure the true source of the message and not reveal the identity of the owner when communicating between cars and roadside facilities in the future, and effectively balance several key requirements (SAE J2945/1) put forward by SAE, such as safety, privacy, efficiency and dynamic membership change.

The future development trend of the Internet of Vehicles is irreversible. Major car companies and Internet companies are developing their own hardware, cloud and communication methods. However, at this stage, each going its own way will definitely not work, and the data, technologies and standards of all parties should be integrated. When all enterprises in the field of car networking can follow the standards, car networking may be able to usher in a real outbreak.

In addition, the Internet of Vehicles has been controversial since its birth, and it can be said that it has never been trusted by consumers, precisely because its security is not absolutely guaranteed. At this stage, the Internet of Vehicles is not yet widely adopted, and its powerful intelligent capabilities need more users on the same application before the corresponding big data can achieve the expected effect.

Let's imagine that when the Internet of Vehicles becomes the mainstream product in the future automobile market, the resulting security problems will probably appear more frequently. Although related companies have been doing product safety maintenance and upgrading, there is no absolutely safe firewall in the world, and people certainly don't want the vehicle they are driving to be taken over by someone else at any moment. After all, the safety of vehicles is a matter of life and death, so safety is the most important thing on the road of vehicle networking development. We should not see only how the Internet of Vehicles makes our life more efficient and convenient while ignoring the dangers it may bring at any time.

[Titanium Media author introduction: JOKER@ magnesium guest network, WeChat official account "magnesium guest network", Weibo @ magnesium guest network]
